* g10/pubkey-enc.c (get_session_key): Don't skip at no PUBKEY_USAGE_ENC.
Emit information the key has no 'encrypt' usage.
--
GnuPG-bug-id: 4246
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
--
It is a bit surprising that nothing happens if no key is specified to
--delete-key et al. Although this is common Unix behaviour the use
might have expected that it behaves like --export and deletes all
keys. Sure we don't do the latter, so a short notice will help.
GnuPG-bug-id: 4959
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/genkey.c (agent_ask_new_passphrase): No qualitybar.
* g10/call-agent.c (agent_get_passphrase): Ditto.
* sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto.
--
The concept of a passphrase quality indicator is anyway questionable
because user are smart enough to trick them out and they also tend to
limit the actually used entropy.
Except for the red/green switching (to show whether constraints are
fulfilled) our qualitybar is pretty bad and thus worse than none.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/encrypt.c (setup_symkey): Use default_cipher_algo function
instead of the fallback s2k_cipher_algo. Fix error code.
(encrypt_simple): Use setup_symkey.
--
Aside of removing code duplication this patch fixes the flaw that the
S2K cipher algorithm was used when mixing public key and symmetric
encryption or signatures with symmetric encrypion. The
default_algorithm function should be used here so that the command
line option --cipher-algo and --personal-cipher-preferences have an
effect.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/compliance.h (PK_ALGO_FLAG_RSAPSS): New.
* common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and
test rsaPSS. Adjust all callers.
(gnupg_pk_is_allowed): Ditto.
* sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function.
(gpgsm_get_hash_algo_from_sigval): New.
* sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval
arg. Add arg pkalgoflags. Use the PK_ALGO_FLAG_RSAPSS.
* sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to
also get the algo flags. Pass algo flags along.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/pksign.c (do_encode_eddsa): First argument is NBITs,
so that it can support Ed448, as well as Ed25519.
(agent_pksign_do): Follow the change.
* agent/sexp-secret.c (fixup_when_ecc_private_key): No fix-up needed
for Ed448, it's only for classic curves.
* common/openpgp-oid.c (oidtable): Add Ed448.
* common/sexputil.c (get_pk_algo_from_key): Ed448 is only for EdDSA.
* g10/export.c (match_curve_skey_pk): Ed448 is for EdDSA.
* g10/keygen.c (gen_ecc): Support Ed448 with the name of "ed448".
(ask_algo, parse_key_parameter_part): Handle "ed448".
* g10/pkglue.c (pk_verify): Support Ed448.
(pk_check_secret_key): Support Ed448.
* g10/sign.c (hash_for): Defaults to SHA512 for Ed448.
(make_keysig_packet): Likewise.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/free-packet.c (is_mpi_copy_broken): New.
(my_mpi_copy): Mix gcry_mpi_copy.
--
Note that in this case it is better to do a runtime check.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/pkclist.c (write_trust_status): Add arg mbox.
(check_signatures_trust): Appenmd mbox to the status lines.
--
GnuPG-bug-id: 4735
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/pkglue.h (sexp_extract_param_sos): New.
* g10/build-packet.c (sos_write): New.
(do_key, do_pubkey_enc, do_signature): Use sos_write for ECC.
* g10/export.c (cleartext_secret_key_to_openpgp): Use
sexp_extract_param_sos.
(transfer_format_to_openpgp): Use opaque MPI for ECC.
* g10/keygen.c (ecckey_from_sexp): Use sexp_extract_param_sos.
* g10/keyid.c (hash_public_key): Handle opaque MPI for SOS.
* g10/parse-packet.c (sos_read): New.
(parse_pubkeyenc,parse_signature,parse_key): Use sos_read for ECC.
* g10/pkglue.c (sexp_extract_param_sos): New.
(pk_verify): Handle opaque MPI for SOS.
(pk_encrypt): Use sexp_extract_param_sos.
* g10/seskey.c (encode_session_key): Use opaque MPI.
* g10/sign.c (do_sign): Use sexp_extract_param_sos.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/mainproc.c (check_sig_and_print): Add failsafe check for PK.
Pass KEYBLOCK down do check_signatures_trust. Protect existsing error
ocde in case the signature expired.
* g10/pkclist.c (is_in_sender_list): New.
(check_signatures_trust): Add args keyblock and pk. Add new uid based
checking code.
* g10/test-stubs.c, g10/gpgv.c: Adjust stubs.
--
GnuPG-bug-id: 4735
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keygen.c (ask_key_flags_with_mask): Allow more than ECDH for
legacy curves.
(ask_algo): Tweak mapping of ECC to OpenPGP algos
(parse_key_parameter_part): Ditto.
(generate_subkeypair): Create the subkey with the time stored on the
card.
--
This fixes two problems with generating keys from a card:
1. The key usage is now set correctly for brainpool curves.
2. The add-key and --quick-add-key commands now also take the creation
time from the time stored on the card. Without that we would need
to update the creation time and fingerprint already stored on the
card which is a no-go if another key has already been created using
that on-card key.
Note: To create a key on a card without an OpenPGP keyblock use
gpg-card.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Now, it's only for
encrytion.
(pk_ecdh_decrypt): Use prepare_ecdh_with_shared_point and move decrypt
code path in original pk_ecdh_encrypt_with_shared_point here.
* g10/pkglue.h (pk_ecdh_encrypt_with_shared_point): Change API.
* g10/pkglue.c (pk_encrypt): Follow the change.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/ecdh.c (build_kdf_params): New.
(pk_ecdh_encrypt_with_shared_point): Use build_kdf_params, and check
things before extract_secret_x.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/decrypt-data.c (decrypt_data): Move aead algo detection up.
--
Note that the AEAD modes are not yet approved for --compliance=de-vs
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/main.h (DEFAULT_AEAD_ALGO): Set to OCB.
--
With the old code and using libgcrypt 1.9 would have switched from the
high performance OCB to the ugly EAX mode. We are free software, we
are OCB.
* g10/pubkey-enc.c (get_it): Remove check which mandates shorter
padding.
--
According to the section 8 of RFC 6637, the sender MAY use 21 bytes of
padding for AES-128 to provide 40-byte "m".
Reported-by: Metin Savignano
GnuPG-bug-id: 4908
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/gpg-card.h (struct card_info_s): Add manufacturer fields.
* tools/card-call-scd.c (release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* tools/gpg-card.c (get_manufacturer): Remove.
(list_card): Use the new attribute.
* g10/call-agent.h (struct agent_card_info_s): Add manufacturer fields.
* g10/call-agent.c (agent_release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* g10/card-util.c (get_manufacturer): Remove.
(current_card_status): Use new attribute.
--
This does away with the duplicated OpenPGP vendor tables; they are now
at a better place (app-openpgp.c).
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well
as long key ID.
* doc/gpg.texi: document that --trusted-key can accept a fingerprint.
--
GnuPG-bug-id: 4855
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Fixed uses or return and kept the old string to avoid breaking
translations.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (merge_selfsigs_main): Take a zero key creation time in
account.
--
Keys created at the Epoch have a creation time of 0; when figuring out
the latest signature with properties to apply to a key the usual
comparison A > B does not work if A is always 0. We now special case
this for the expiration and usage data.
Co-authored-by: gniibe@fsij.org
GnuPG-bug-id: 4670
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list. Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--
There is no need to read the list of options from the components
unless they convey a default value. It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed. Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--
Note that the --no variants of the options are intended for easy
disabling at the command line.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (read_key_from_file): Rename to ...
(read_key_from_file_or_buffer): this and add new parameters. Adjust
callers.
(import_included_key_block): New.
* g10/packet.h (PKT_signature): Add field flags.key_block.
* g10/parse-packet.c (parse_signature): Set that flags.
* g10/sig-check.c (check_signature2): Add parm forced_pk and change
all callers.
* g10/mainproc.c (do_check_sig): Ditto.
(check_sig_and_print): Try the included key block if no key is
available.
--
This is is the second part to support the new Key Block subpacket.
The idea is that after having received a signed mail, it is instantly
possible to reply encrypted - without the need for any centralized
infrastructure.
There is one case where this does not work: A signed mail is received
using a specified signer ID (e.g. using gpg --sender option) and the
key block with only that user ID is thus imported. The next time a
mail is received using the same key but with a different user ID; the
signatures checks out using the key imported the last time. However,
the new user id is not imported. Now when trying to reply to that
last mail, no key will be found. We need to see whether we can update
a key in such a case.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New.
* g10/gpg.c (oIncludeKeyBlock): New.
(opts): New option --include-key-block.
(main): Implement.
* g10/options.h (opt): New flag include_key_block.
* g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK.
(parse_one_sig_subpkt): Ditto.
(can_handle_critical): Ditto.
* g10/sign.c (mk_sig_subpkt_key_block): New.
(write_signature_packets): Call it for data signatures.
--
This patch adds support for a to be proposed OpenPGP ferature:
Introduce the Key Block subpacket to align OpenPGP with CMS.
This new subpacket may be used similar to the CertificateSet of
CMS (RFC-5652) and thus allows to start encrypted communication
after having received a signed message. In practice a stripped down
version of the key should be including having only the key material
and the self-signatures which are really useful and shall be used by
the recipient to reply encrypted.
#### Key Block
(1 octet with value 0, N octets of key data)
This subpacket MAY be used to convey key data along with a signature
of class 0x00, 0x01, or 0x02. It MUST contain the key used to create
the signature; either as the primary key or as a subkey. The key
SHOULD contain a primary or subkey capable of encryption and the
entire key must be a valid OpenPGP key including at least one User ID
packet and the corresponding self-signatures.
Implementations MUST ignore this subpacket if the first octet does not
have a value of zero or if the key data does not represent a valid
transferable public key.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/export.c (push_export_filters): New.
(pop_export_filters): New.
(export_pubkey_buffer): Add args prefix and prefixlen. Adjust
callers.
* g10/import.c (impex_filter_getval): Add property "fpr".
* g10/main.h (struct impex_filter_parm_s): Add field hexfpr.
--
The push and pop feature will help us to use the export filter
internally in gpg. Same for the export_pubkey_buffer change.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (opts): Change oLoadExtensions, oStrict, and oNoStrict to
use ARGPARSE_ignore and remove the code in the option switch.
--
This looks better and is also required for further simplifications of
gpgconf.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf-comp.c: Remove all regular option descriptions. They
are now read in from the component. Also remove a few meanwhile
obsolete options.
* agent/gpg-agent.c: Add option description which were only set in
gpgconf-comp.c.
* dirmngr/dirmngr.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* g10/gpg.c: Ditto.
--
This second part removes all regular option descriptions because they
can be read from the components. A few were missing in the components
and thus moved to there.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (main): Re-add permission checking of the user config
file. Re-add code to check against the SE-Linux secured file list.
(get_default_configname): Remove unused func.
* configure.ac (SAFE_VERSION, SAFE_VERSION_DOT)
(SAFE_VERSION_DASH): Remove.
--
Die to the switch to the new option parser, the permissions were not
anymore checked. This patch fixes this. Note that there there is no
checking for the global config file because that file is not expected
to be user modifiable.
This patch also adds checking against the list of SE-linux secured
files. However, like in the old code the checking does not work in
practise because the to be checked files are added to the the list
only after option parsing. Tested using temporary debug code.
The SAFE_VERSION macros were used for RISC OS, which is not anymore
supported, and only in the now removed get_default_configname. There
purpose was that a RISC OS could use a modified config.h here.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpgv.c: Use new option parser.
* sm/gpgsm.c: Ditto.
* agent/gpg-agent.c: Ditto.
(opts): Add option --no-options.
--
This is the next part of changes. The latest libgpg-error is required
so that that re-reading options (SIGHUP) works.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/util.h: Remove argparse.h.
* common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
argparse.h. Do this also for all main modules which use our option
parser except for gpg. Replace calls to strusage by calls to
gpgrt_strusage everywhere.
* g10/gpg.c (opts): Change type to gpgrt_opt_t. Flag oOptions and
oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
(main): Change type of pargs to gpgrt_argparse_t. Rework the option
parser to make use of the new gpgrt_argparser.
--
This is not yet finished but a make check works. gpg has the most
complex and oldest option handling and thus this is the first
migration target. SE-Linux checks and version-ed config files are
missing and will be added later.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (get_seckey_default_or_card): Handle the case
when card key is not suitable for requested usage.
--
Cherry-pick stable commit of:
1cdd9e57f701f0d99d118d32adffe5216a94b0b2
GnuPG-bug-id: 4850
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
No functional changes, just fixing minor spelling issues.
---
Most of these were identified from the command line by running:
codespell \
--ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
--skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
NEWS README README.maint TODO
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/call-agent.h (struct keypair_info_s): Add fields keytime and
usage.
* g10/call-agent.c (struct keypairinfo_cb_parm_s): New.
(scd_keypairinfo_status_cb): Rework to store parsed KEYPAIRINFO data.
(agent_scd_keypairinfo): Change accordingly.
(agent_scd_readkey): Add arg ctrl and change callers. Change return
arg from an strlist_t to a keypair_info_t.
(readkey_status_cb): Use KEYPAIRINFO instead of KEY-TIME.
* g10/keygen.c (pSUBKEYCREATIONDATE): New.
(pAUTHKEYCREATIONDATE): New.
(get_parameter_u32): Allow for new parameters.
(do_create_from_keygrip): For card keys use direct scd call which does
not create a stub file.
(ask_algo): Rework to use the new keypair_info_t as return from
agent_scd_keypairinfo.
(parse_key_parameter_part): Likewise. Also get and return the key
creation time using a arg.
(parse_key_parameter_string): New args r_keytime and r_subkeytime.
(parse_algo_usage_expire): New arg r_keytime.
(proc_parameter_file): Ignore the explict pCREATIONDATE for card keys.
(quickgen_set_para): New arg keytime.
(quick_generate_keypair): Get the keytimes and set the pCARDKEY flag.
(generate_keypair): Likewise.
(do_generate_keypair): Implement the cardkey with keytime thingy.
(generate_subkeypair): Use the keytime parameters.
* g10/keygen.c (pAUTHKEYCREATIONDATE): New. Not yet set but may come
handy later.
(get_parameter_u32): Take care of that.
(do_generate_keypair): For cardkeys sign with the current time.
--
Key generation direct from the card used to work for all cards except
the OpenPGP cards. The key generation from card using an OpenPGP card
is special because the fingerprint is stored on the card and we must
make sure that the newly created key has the same fingerprint. This
requires that we take the key creation date as stored on the card into
account.
Along with the recent change in gpg-agent this change also fixes a
problem with existing stub files.
Note that with a key take from a card the self-signature are created
with the current time and not the creation time. This allows to
better distinguish keys created using the same card.
Signed-off-by: Werner Koch <wk@gnupg.org>